Path Traversal Vulnerability in Splunk Enterprise and Cloud Platform
CVE-2026-20297
7.2HIGH
Key Information:
- Vendor
Splunk
- Vendor
- CVE Published:
- 15 July 2026
What is CVE-2026-20297?
In certain versions of Splunk Enterprise and Splunk Cloud Platform, a user with permissions to edit and install apps can exploit a path traversal issue in the app installation process. This flaw allows the installation of legitimate applications to write files outside their designated directories, specifically into the $SPLUNK_HOME/etc/ directory and its subdirectories. Such behavior poses significant risks, as it may enable unauthorized access to sensitive files, leading to potential escalations in security vulnerabilities.
Affected Version(s)
Splunk Cloud Platform 10.5.2605 < 10.5.2605.0
Splunk Cloud Platform 10.4.2604 < 10.4.2604.6
Splunk Cloud Platform 10.2.2510 < 10.2.2510.18